A high-risk security flaw in several of Computer Associates' antivirus products could put users at risk of cyberattack, the software vendor warned on Monday.
The flaw lies in the scanning engine used in CA's enterprise and consumer antivirus products, the company said. An attacker could gain full control over a victim's PC by sending a specially crafted Microsoft Office document, according to a security advisory published on the CA Web site.
CA rates the issue "high risk" because an attacker can gain full access to a computer without any user interaction, according to the advisory.
The flaw in CA's antivirus engine is the latest in a series of security bugs in antivirus software. During the past few months, problems have been found in products from Symantec, McAfee, F-Secure and Trend Micro.
Consumer products that contain the flawed engine include CA's eTrust EZ Antivirus and EZ Armor, a bundle that offers the antivirus product. Affected business products include eTrust Antivirus, Intrusion Detection and Secure Content Manager, according to the advisory.
CA publicly disclosed the security issue on Monday, but had a patch available on 3 May, said Sam Curry, a vice-president at CA.
The patch was made available to corporate customers, Curry said. "The consumer products are automatically being updated today," he said. CA counts between 3 million and 4 million consumers and about 1 million organisations as its antivirus customers, he said.
Consumers who are on more recent versions of EZ Antivirus and EZ Armor may find that their products have already been automatically updated, CA said. Users should check if the antivirus engine in their product is version 11.9.1. If it is a lower number, a virus signature update should be done to get the patch, according to CA.
Users of older versions are advised to upgrade or follow the guidelines in CA's advisory.
CA is not aware of anyone actually using the latest vulnerability in its products to attack users, Curry said. "This vulnerability is still only a potential vulnerability. There are no known exploits in the wild yet," he said. "However, I would say it is only a matter of time."
Talkback
...of course, a bigger security risk is that CA will not be updating virus signatures for Inoculate IT v6.0 in September!
Typical "upgrade or else" bullying from CA!